Sara Friedman

Sara Friedman joined Inside Cybersecurity in February 2020. Previously, she covered government IT for GCN and education technology for THE Journal and Campus Technology. She graduated from Ithaca College with bachelor’s degrees in journalism and politics.

Connect with Sara

MORE FROM THIS AUTHOR
Daily News | February 22, 2021

The Defense Department is working with the General Services Administration's Federal Risk and Authorization Management Program team to develop a "gap analysis" that will compare the cloud services effort with the Pentagon's Cybersecurity Maturity Model Certification initiative, according to DOD's Stacy Bostjanick.

Daily News | February 19, 2021

The Defense Department is expecting to release its first request for proposals containing requirements from its Cybersecurity Maturity Model Certification program in March, according to Pentagon acquisition Chief Information Security Officer Katie Arrington.

Daily News | February 16, 2021

The rollout of the Pentagon's Cybersecurity Maturity Model Certification program is one of several lines of effort at the Defense Department's acquisition office that addresses supply chain risk management, according to Pentagon acquisition leaders who described the multifaceted approach in an exclusive interview.

Daily News | February 11, 2021

The Defense Department's acquisition office and its partners are in the process of adjudicating comments on an interim rule implementing their Cybersecurity Maturity Model Certification program, which Pentagon leaders say will have an impact on the CMMC maturity model and assessment guides.

Daily News | February 8, 2021

The Defense Department has no plans to slow down the rollout of the Cybersecurity Maturity Model Certification program, according to a senior acquisition official, who says there is "bipartisan" support to get the new structure stood up at the Pentagon.

Daily News | February 2, 2021

Plans to separate the CMMC Accreditation Body's authorities to certify and train assessors is a positive sign, according to a leading defense industry association, but the trade group says they will keep a close watch on the rollout of the reorganization.

Daily News | February 1, 2021

The independent accreditation body behind the Pentagon's cyber certification program will be required to separate its assessor and training programs into business units, one of the many conditions in a no-cost contract signed by the Defense Department and the new non-profit reviewed by Inside Cybersecurity.

Daily News | January 28, 2021

The Defense Department is working on adjudicating comments from an interim final rule that established the Pentagon's Cybersecurity Maturity Model Certification program, which officials said Wednesday could change based on ongoing work on maturity levels four and five.

Daily News | January 20, 2021

The Defense Department is planning to issue a memo outlining how the maturity levels of its new cyber certification program align with FedRAMP and other standards used by industry.

The Insider | December 15, 2020

The Defense Department has announced the first round of pilot contracts that will include requirements under the Cybersecurity Maturity Model Certification program for the current fiscal year.

Daily News | December 8, 2020

The Defense Department is delaying defining the "scope" of its Cybersecurity Maturity Model Certification assessments for maturity levels one and three in the first editions of its assessment guides, which assessors say will impact the ability to conduct a comprehensive audit.

Daily News | December 7, 2020

The Defense Department has released two assessment guides outlining how auditing firms and their assessors will evaluate contractors who want to get certified for Cybersecurity Maturity Model Certification maturity levels one through three.

Daily News | December 7, 2020

The Pentagon's approach to making cybersecurity a foundational part of acquisition is mandating new compliance requirements for the defense industrial base, which could potentially create a division between primes and subcontractors when it comes to information sharing.

Daily News | December 4, 2020

Industry groups across a range of sectors are asking the Defense Department to provide more details on how its new cyber certification program will affect government contractors.

Daily News | December 4, 2020

An agency tasked with providing information technology services and support across the Defense Department is working on a "scoring rubric" to help its acquisition officials make decisions internally on contracting requirements related to the Pentagon's new cyber certification program.

Daily News | December 1, 2020

The accreditation body behind the Pentagon's cyber certification program is requiring assessors and consultants to sign a "Code of Professional Conduct," which details confidentiality protections and the "proper use" of information collected from contractors.

The Insider | November 25, 2020

The accreditation body behind the Pentagon's Cybersecurity Maturity Model Certification program has launched a new section of its website dedicated to providing contact information for certified practitioners and consultant companies.

Daily News | November 24, 2020

The Defense Department is planning to release its assessment guide for the Cybersecurity Maturity Model Certification program next week, outlining the details for how companies will be evaluated for maturity levels one through three.

Daily News | November 20, 2020

Lockheed Martin is working with its suppliers to get details on their efforts to reach compliance with current and upcoming cybersecurity regulations from the Pentagon.

Daily News | November 18, 2020

Two leaders from National Institute of Standards and Technology-funded centers focused on the manufacturing sector are expressing concerns on whether small businesses will be prepared for implementation of the Pentagon's cyber certification program on Dec. 1.

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.